freedesktop poppler 0.71.0

CPE Details

freedesktop poppler 0.71.0
0.71.0
2019-02-27
12h41 +00:00
2019-02-27
12h41 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:freedesktop:poppler:0.71.0:*:*:*:*:*:*:*

Informations

Vendor

freedesktop

Product

poppler

Version

0.71.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-6239 2024-06-21 13h28 +00:00 A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
7.5
Haute
CVE-2023-34872 2023-07-30 22h00 +00:00 A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
5.5
Moyen
CVE-2022-38784 2022-08-30 02h58 +00:00 Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
7.8
Haute
CVE-2022-38171 2022-08-22 18h33 +00:00 Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics).
7.8
Haute
CVE-2021-30860 2021-08-24 18h49 +00:00 An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
7.8
Haute
CVE-2020-27778 2020-12-03 15h46 +00:00 A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.
7.5
Haute
CVE-2018-21009 2019-09-05 01h24 +00:00 Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.
8.8
Haute
CVE-2019-14494 2019-08-01 14h05 +00:00 An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
7.5
Haute
CVE-2019-9959 2019-07-22 12h18 +00:00 The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
6.5
Moyen
CVE-2019-12293 2019-05-23 02h54 +00:00 In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
8.8
Haute
CVE-2018-19058 2018-11-07 15h00 +00:00 An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
6.5
Moyen
CVE-2018-19059 2018-11-07 15h00 +00:00 An issue was discovered in Poppler 0.71.0. There is a out-of-bounds read in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating embedded files before save attempts.
6.5
Moyen
CVE-2018-19060 2018-11-07 15h00 +00:00 An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
6.5
Moyen
CVE-2018-18897 2018-11-02 05h00 +00:00 An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.
6.5
Moyen